FEBRUARY 2025
INTRODUCTION
On occasion, we receive customer requests to support their internal authentication service to achieve a Single Sign-on (SSO) outcome i.e. the customer user can use their company username and password to authenticate to the Unity web portal and broader ecosystem applications.
This document outlines Unity’s current and future state capability with regards to supporting customer’s desire for Federated Authentication delivering a Single Sign-on user experience.
DEFINITIONS
While both Federated Authentication and SSO aim to simplify user logins, the key difference is that SSO manages access within a single organization, while Federated Authentication allows users to access applications across multiple different organizations. In short, SSO does not equal Federated Authentication.
UNITY CURRENT STATE CAPABILITY
Today Unity does not support Federated Authentication.
Our focus is currently on standardizing our internal SSO approach for the applications within the current Unity ecosystem using a centralized Authentication Service. Once that process is complete, we will enable Federated Authentication for our customers.
UNITY FUTURE STATE CAPABILITY
The intended future state is to allow customers to use Federated Authentication to Unity and the applications that are included in its ecosystem. We will be using an industry standard approach based on OIDC or SAML protocols. A list of compatible Authentication Services will be published. The enablement process will be:
- The customer will submit a support request to enable Federated Authentication stating which Authentication Service they use
- This request will be assessed by the Technology Team for compatibility between the customers’ Authentication Service and Unity’s Authentication Service
- If compatible, the customer will be requested to submit URL’s and keys which will be used to configure access for this customer to the Unity Authentication Service
- The customer will be provided with any configuration instructions needed on their side
The timeline for the Unity Authentication Service implementation is expected to be in calendar Q3 2025 i.e. July to September, 2025, noting that this is subject to change.
Phase 1 of the Unity Federated Authentication integration will allow customers to access the new Unity web portal through to the Unity On-road IoT application (formerly known as MiX Fleet Manager).
Phase 2 of the Unity Federated Authentication integration will allow customers to access the new Unity web portal through to other applications within the Unity ecosystem as those applications and made compatible with the Unity Authentication Service.
It is important to note that support for non-standard Federated Authentication protocols outside of OIDC and SAML will not be implemented.
A product announcement will be made when Phase 1 capability is ready for customers.
For further information and clarification please contact the Product Management team.